Age | Commit message (Collapse) | Author | |
---|---|---|---|
2023-10-22 | Merge pull request #2386 from c-po/vxlan-t5671 | Christian Breunig | |
vxlan: T5671: change port to IANA assigned default port | |||
2023-10-22 | vxlan: T5671: warn about changed default port number | Christian Breunig | |
2023-10-22 | Merge pull request #2390 from dmbaturin/T5672-remove-node.def-converter | Viacheslav Hletenko | |
scripts: T5672: remove the conf mode node.def importer | |||
2023-10-21 | smoketest: T2897: add basic cluster config | Christian Breunig | |
2023-10-21 | scripts: T5672: remove the conf mode node.def importer | Daniil Baturin | |
2023-10-21 | Merge pull request #2385 from fett0/T5667 | Christian Breunig | |
T5667: BGP label-unicast enable ecmp | |||
2023-10-20 | Merge pull request #2384 from srividya0208/T5642-1 | Christian Breunig | |
T5642: op-cmd: correction of generated file name | |||
2023-10-20 | vxlan: T5671: change port to IANA assigned default port | Christian Breunig | |
Currently VyOS VXLAN implementation uses the Linux assigned port 8472 that predates the IANA assignment. As Most other vendors use the IANA assigned port, follow this guideline and use the new default port 4789. Existing configuration not defining an explicit port number will be migrated to the old default port number of 8472, keeping existing configurations work! | |||
2023-10-20 | T5667: BGP label-uniscat enable ecmp | fett0 | |
2023-10-20 | T5642: op-cmd: correction of generated file name | srividya0208 | |
2023-10-19 | Merge pull request #2378 from c-po/bridge-t5670 | Christian Breunig | |
bridge: T5670: add missing constraint on "member interface" node | |||
2023-10-19 | Merge pull request #2362 from nicolas-fort/T5541 | Christian Breunig | |
T5541: firewall zone: re add firewall zone-base firewall | |||
2023-10-19 | Merge pull request #2377 from dmbaturin/T2897-no-cluster | Christian Breunig | |
cluster: T2897: add a migration script for converting cluster to VRRP | |||
2023-10-19 | Merge pull request #2344 from nicolas-fort/T5637 | Christian Breunig | |
T5637: add new rule at the end of base chains for default-actions and log capabilities | |||
2023-10-19 | vyos.configdict: T5670: move from str to list when calling conf.exists() | Christian Breunig | |
We have had a mix of both string and list arguments to conf.exists(), stremaline this to only make use of list calls. | |||
2023-10-19 | bridge: T5670: add missing constraint on "member interface" node | Christian Breunig | |
One could specify a bridge member of VXLAN1 interface, but it is not possible to create a VXLAN interface with the name of VXLAN1 - prohibited by VXLAN interface name validator. Add missing interface-name validator code | |||
2023-10-19 | cluster: T2897: add a migration script for converting cluster to VRRP | Daniil Baturin | |
2023-10-18 | Merge pull request #2373 from c-po/t4913-wifi-op-mode | Christian Breunig | |
T4913: migrate wireless scripts to new op-mode style | |||
2023-10-18 | Merge pull request #2374 from zdc/T5232-circinus | Christian Breunig | |
pmacct: T5232: Fixed socket parameters for trigger-packets | |||
2023-10-18 | pmacct: T5232: Fixed socket parameters for trigger-packets | zsdc | |
This fixes sending packets to uacctd using a socket. | |||
2023-10-17 | T4913: migrate wireless scripts to new op-mode style | Christian Breunig | |
2023-10-17 | Merge pull request #2371 from jestabro/bug-config-dep | John Estabrook | |
configdep: T5662: fix incorrect inspect.stack index of calling script | |||
2023-10-17 | configdep: T5662: fix incorrect inspect.stack index of calling script | John Estabrook | |
2023-10-17 | T5541: remove migration script from zone-based firewall to new cli. Syntax ↵ | Nicolas Fort | |
remains the same, so no migration is needed regarding this feature | |||
2023-10-16 | op-mode: T5653: command to display SSH server public key fingerprints | JeffWDH | |
2023-10-16 | Merge pull request #2367 from aapostoliuk/T5642-current | Christian Breunig | |
op-mode: T5642: 'generate tech-support archive' moved to vyos-1x | |||
2023-10-16 | Merge pull request #2366 from sever-sever/T5634 | Christian Breunig | |
T5634: Smoketest add OpenVPN encryption ciphers | |||
2023-10-16 | op-mode: T5642: 'generate tech-support archive' moved to vyos-1x | aapostoliuk | |
'generate tech-support archive' moved to vyos-1x. Output of 'show tech-support report' command is added to archive. The default location of the archive is moved to '/tmp'. The script is rewritten to Python. | |||
2023-10-16 | T5634: Smoketest add encryption ciphers | Viacheslav Hletenko | |
As `providers legacy default` option was deleted with insecure DES and Blowfish ciphers, the smoketest cannot pass without adding encyption ciphers Otherwise Oct 16 09:41:34 r4 openvpn-vtun5[9648]: DCO version: N/A Oct 16 09:41:34 r4 openvpn-vtun5[9648]: Cipher BF-CBC not supported Oct 16 09:41:34 r4 openvpn-vtun5[9648]: Exiting due to fatal error Fix the smoketest | |||
2023-10-14 | Merge pull request #2359 from erkin/progressbar | Christian Breunig | |
remote: T5650: Resize-aware progressbar implementation | |||
2023-10-14 | Merge pull request #2361 from zdc/T5232-circinus | Christian Breunig | |
pmacct: T5232: Fixed pmacct service control via systemctl | |||
2023-10-13 | T5541: firewall zone: re add firewall zone-base firewall | Nicolas Fort | |
2023-10-12 | pmacct: T5232: Fixed pmacct service control via systemctl | zsdc | |
pmacct daemons have one very important specific - they handle control signals in the same loop as packets. And packets waiting is blocking operation. Because of this, when systemctl sends SIGTERM to uacctd, this signal has no effect until uacct receives at least one packet via nflog. In some cases, this leads to a 90-second timeout, sending SIGKILL, and improperly finished tasks. As a result, a working folder is not cleaned properly. This commit contains several changes to fix service issues: - add a new nftables table for pmacct with a single rule to get the ability to send a packet to nflog and unlock uacctd - remove PID file options from the uacctd and a systemd service file. Systemd can detect proper PID, and PIDfile is created by uacctd too late, which leads to extra errors in systemd logs - KillMode changed to mixed. Without this, SIGTERM is sent to all plugins and the core process exits with status 1 because it loses connection to plugins too early. As a result, we have errors in logs, and the systemd service is in a failed state. - added logging to uacctd - systemctl service modified to send packets to specific address during a service stop which unlocks uacctd and allows systemctl to finish its work properly | |||
2023-10-12 | Merge pull request #2357 from devon-mar/ldpd-template-errors | Christian Breunig | |
ldpd: T5648: Fix ldpd template errors | |||
2023-10-12 | Merge pull request #2358 from jestabro/schema-check | Christian Breunig | |
xml: T5649: catch errors from schema validation before generating cache | |||
2023-10-12 | remote: T5650: Resize-aware progressbar implementation | erkin | |
2023-10-12 | xml: T5649: catch errors from schema validation before generating cache | John Estabrook | |
2023-10-12 | openvpn: T5634: fix permissions on migration file | John Estabrook | |
2023-10-12 | Merge pull request #2277 from aapostoliuk/T5254-1-sagitta | Daniil Baturin | |
bonding: T5254: Fixed changing ethernet when it is a bond member | |||
2023-10-12 | openvpn: T5634: fix typo | John Estabrook | |
2023-10-11 | ldpd: T5648: Fix ldpd template errors | Devon Mar | |
Bug introduced in https://github.com/vyos/vyos-1x/commit/8fb6e715d32e7eff77e413d8577059dd55b24c0a | |||
2023-10-11 | Merge pull request #2353 from dmbaturin/T5634-no-more-blowfish | John Estabrook | |
openvpn: T5634: Remove support for insecure DES and Blowfish ciphers | |||
2023-10-12 | openvpn: T5634: Remove support for insecure DES and Blowfish ciphers | Daniil Baturin | |
2023-10-11 | Merge pull request #2342 from sever-sever/T5165 | Viacheslav Hletenko | |
T5165: Implement policy local-route source and destination port | |||
2023-10-10 | Merge pull request #2352 from jestabro/api-self-config | Daniil Baturin | |
http-api: T2612: correct the response message and add reload for api self-configuration | |||
2023-10-09 | conf-mode: T5412: remove refs to vyos module for use by addon packages | John Estabrook | |
2023-10-09 | http-api: T2612: reload server within configsession for api self-config | John Estabrook | |
2023-10-09 | http-api: T2612: send response before reconfiguring api server | John Estabrook | |
2023-10-08 | Merge pull request #2349 from Apachez-/T5489 | Christian Breunig | |
T5489: Change default qdisc from 'fq' to 'fq_codel' | |||
2023-10-08 | Change to BBR as TCP congestion control, or at least make it an config option | Apachez | |